A group of “nation-state” supported Russian hackers known as Nobelium are behind a new cyberattack targeting United States and European entities, Microsoft announced on Monday.
The company’s Threat Intelligence Center (MSTIC) published a blog post stating that the group was trying to break into the costumers of different IT and cloud service providers, hoping to reach different government agencies and corporations.
“Nobelium hasbeen attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain,” wrote Tom Burt, Microsoft’s Corporate Vice President of Customer Security&Trust, in the post.
“We believe nobelium ultimately hopes to piggyback onany direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.”
Despite the hacker’s robust attempt, the attack was found to be largely unsuccessful. Microsoft notified 141 companies of the attempted breach, and only 14 found that they may have been compromised. Although the software company identified Nobelium as the group responsible, the Biden administration refused to reveal who they believed was behind the hacks. They did offer a statement on the attacks themselves, noting that they were not as advanced as past cyberattacks from Russian-backed groups:
“Broadly speaking, the federal government is aggressively using our authorities to protect the Nation from cyber threats, including helping the private sector defend itself through increased intelligence sharing, innovative partnerships to deploy cybersecurity technologies, bilateral and multilateral diplomacy, and measures we do not speak about publicly for national security reasons,” said a senior official speaking on behalf of the administration to NPR.
Russian “nation-state” hackers have targeted governments in the past
MSTIC noted that the attack was a “nation-state activity.” The Russian government has been linked to various hacking groups and cyber attacks. The Sun published a report two weeks ago detailing how the British government believed that Russian hackers had accessed informationfrom pharmaceutical companies in order to acquire the blueprint for their own Sputnik V vaccine.
Former security minister James Brokenshire, who died this month of lung cancer, said last year that Britain was “more than 95 percent sure” that government-supported Russian hackers had compromised the UK, US and Canada.
Russia defended itself at the time the accusations were first made against them last year, lambasting the British’s “95 percent sure” remark as being arbitrary and unfounded:
“The British say that they are almost certain, or 95 percent, confident in what they say,” Kremlin spokesperson Dmitry Peskov said to the press sardonically. “Why not 96 percent? Or 94 percent? It seems their security services have very peculiar calculation methods.”
Tory MP Bob Seely, who specializes in Russia, told The Sun that Britain must “Get serious about Russian and Chinese espionage.
“Whether it is stealing the design for AstraZeneca or blackmailing us over energy by these authoritarian and totalitarian regimes, we need to get wise to them,” Seely warned.